package com.baixun.gassystem.springsecurity;

//import com.example.spcsystem.filter.TokenCheckFilter;




import com.baixun.gassystem.filter.TokenCheckFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

import javax.servlet.http.HttpServletResponse;

/**
 * springsecurity 路径权限配置类
 */
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    public TokenCheckFilter tokenCheckFilter;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //任何访问均需要认证
        http.authorizeRequests()
                //登录接口放行
              .antMatchers("/user/login", "/", "/doc.html", "/user/info", "/login","/user/verificationCode", "/swagger-resources", "/v2/api-docs","/swagger-resources/configuration/ui").permitAll()
                .antMatchers("/webjars/**", "/css/**", "/js/**", "/app/**", "/images/**","/mode-Text.js").permitAll().
                //接口文档放行
                        antMatchers("/doc.html").permitAll()
                //回调接口放行
                .antMatchers("/api/callback/**").permitAll()
                .antMatchers("/**").hasAuthority("VIEW_ALL_PAGES")  // 只有拥有 VIEW_ALL_PAGES 权限的用户可以访问 /admin/**
                .antMatchers("/video/**").hasAuthority("VIEW_VIDEO_MONITOR").  // 只有拥有 VIEW_VIDEO_MONITOR 权限的用户可以访问 /video/**
                antMatchers("/drone/**").hasAuthority("VIEW_DRONE").//只有拥有 VIEW_DRONE 权限的用户可以访问 /drone/**
                antMatchers("/fa/**").hasAuthority("VIEW_Fa").//只有拥有 VIEW_LAW_ENFORCEMENT 权限的用户可以访问 /law/**
                //具备student权限的才可以访问stu路径
//                .antMatchers("/stu/**").hasRole("student").
                anyRequest().authenticated();
        http.addFilterBefore(tokenCheckFilter,UsernamePasswordAuthenticationFilter.class);
        //关闭跨域
        http.csrf().disable();
        http.formLogin().permitAll();
    }



    /**
     * 配置密码加密器
     * @return
     */
    @Bean
    public PasswordEncoder passwordEncoder(){
        //官方推荐的密码加密器
        return new BCryptPasswordEncoder();
    }


}
